admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/10xxx/CVE-2024-10598.json

126 lines
4.8 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2024-10-31 16:00:31 +00:00
{
"-Synchronized-Data."
2024-10-31 22:00:36 +00:00
"data_version": "4.0",
"-Synchronized-Data."
2024-10-31 16:00:31 +00:00
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-10598",
"-Synchronized-Data."
2024-10-31 22:00:36 +00:00
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
"-Synchronized-Data."
2024-10-31 16:00:31 +00:00
},
"description": {
"description_data": [
{
"lang": "eng",
"-Synchronized-Data."
2024-10-31 22:00:36 +00:00
"value": "A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "In Tongda OA 11.2/11.3/11.4/11.5/11.6 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei general/hr/setting/attendance/leave/data.php der Komponente Annual Leave Handler. Durch das Beeinflussen mit unbekannten Daten kann eine improper authorization-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Authorization",
"cweId": "CWE-285"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tongda",
"product": {
"product_data": [
{
"product_name": "OA",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "11.2"
},
{
"version_affected": "=",
"version_value": "11.3"
},
{
"version_affected": "=",
"version_value": "11.4"
},
{
"version_affected": "=",
"version_value": "11.5"
},
{
"version_affected": "=",
"version_value": "11.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.282610",
"refsource": "MISC",
"name": "https://vuldb.com/?id.282610"
},
{
"url": "https://vuldb.com/?ctiid.282610",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.282610"
},
{
"url": "https://vuldb.com/?submit.433495",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.433495"
},
{
"url": "https://github.com/LvZCh/td/issues/1",
"refsource": "MISC",
"name": "https://github.com/LvZCh/td/issues/1"
}
]
},
"credits": [
{
"lang": "en",
"value": "LVZC (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
"-Synchronized-Data."
2024-10-31 16:00:31 +00:00
}
]
}
}
Reference in New Issue Copy Permalink